How does a unique link (over insecure email) and a phonecall (to which number? how to verify speaker?) ensure the person's identity? That sounds dangerously straight forward to subvert.
You make it sound like it's totally insecure. Look at all the alternatives, and I am pretty sure we are the more secure.
Most still use a fax, which is incredibly insecure (how can you be sure who signed?). Other online solutions either use simple email reply or a hand-written signature.
Just to clarify the process, once you uploaded your file and chose the signatories, Signsquid sends a link to each signatory. Each one of them has its own unique link. Then, the sender (you), gain access to the list of codes assigned to each signatory. Again, each one of them as one unique code. You have to call them by phone to tell them the code.
If someone wanted to "hack" the process, he would have to gain access to the inbox of the user and also fake his voice over the phone.
We've had a few thousand years to figure out decent ways to authenticate paper-based documents. Presumably, one of the biggest implications of a paper-based solution is that you get some level of contestability. In the case of a signature, you get penmanship (at least to a certain degree of expert evaluation); for currency, you get the paper type, watermarking, holograms, etc.
You have very little of that in the process described by the OP. The accountability is "email is secure, and you know the person's voice." That's fine if you implicitly trust your contracting counterpart (heck, then the contract has little purpose). But it does little if they later recant or refute the signature. In the end, the most important aspect: It needs to be tested in a court of law before I'd even consider it.
I'm not sure what the "right" solution is in the digital age, but my hunch is that it will involve some sort of PK Crypto. Perhaps we're not too far from having NFC tags embedded in our body for precisely this purpose.
You're supposed to know who you're dealing with when on the phone. If you deal with someone you kinda know (met in person before or on the phone), I really don't see how it's a problem.
On the other hand, if you're doing online business, you may not be the direct public for this service.
Most still use a fax, which is incredibly insecure (how can you be sure who signed?). Other online solutions either use simple email reply or a hand-written signature.
Just to clarify the process, once you uploaded your file and chose the signatories, Signsquid sends a link to each signatory. Each one of them has its own unique link. Then, the sender (you), gain access to the list of codes assigned to each signatory. Again, each one of them as one unique code. You have to call them by phone to tell them the code.
If someone wanted to "hack" the process, he would have to gain access to the inbox of the user and also fake his voice over the phone.